Skip to content

Nigh-Indestructible Cookie

Slashdot links to the efforts of a security researcher proving out a contention Ed Felten offered early on in discussions of tracking technologies. If you use legislation or technology to obliterate one form of tracking without addressing the core behavior and economics that drive it, advertisers will just route around the obstacle.

evercookie is a javascript API available that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they’ve removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others.

There are ways to defend against the various technologies used. At the proof of concept site, you can test your deletion techniques interactively. There are also more techniques for making the evercookie more insidious that have not yet been implemented.

This shows that a determined advertiser could make the cost of avoiding tracking increasingly high, to the point where more folks are likely to get snared. This doesn’t even take into account the work by the EFF on browser finger printing for which there is no effective defense though some browser makers are seriously considering how to change that.

Introducing the Invulnerable Evercookie, Slashdot

Posted in CyberLiberties.

Tagged with .

0 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

Some HTML is OK

or, reply to this post via trackback.

Creative Commons License
The Command Line by Thomas Gideon
is licensed under a Creative Commons Attribution-Share Alike 3.0 United States License.